-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy path学习笔记
175 lines (117 loc) · 4.54 KB
/
学习笔记
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
本书的examples
https://github.com/geerlingguy/ansible-for-devops
常用的服务器playbooks
https://github.com/ansible/ansible-examples
$ ansible example -m ping -u [username]
[multi:vars]
ansible_ssh_user=vagrant
ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
--forks 设置并发
--list-hosts --check
--remote-user=johndoe
--ask-pass
--extra-vars=VARS
--connection=local
--check
--force-handlers
限制运行的主机
$ ansible app -s -a "service ntpd restart" --limit "192.168.60.4"
# Limit hosts with a simple pattern (asterisk is a wildcard).
$ ansible app -s -a "service ntpd restart" --limit "*.4"
# Limit hosts with a regular expression (prefix with a tilde).
$ ansible app -s -a "service ntpd restart" --limit ~".*\.4"
Manage users and groups
$ ansible app -s -m group -a "name=admin state=present"
#The group module is pretty simple; you can remove a group by setting state=absent
# , set a group id with gid=[gid] , and indicate that the group is a system group with system=yes
$ ansible app -s -m user -a "name=johndoe group=admin createhome=yes"
$ ansible app -s -m user -a "name=johndoe state=absent remove=yes"
Manage files and directories
Get information about a file
$ ansible multi -m stat -a "path=/etc/environment"
Copy a file to the servers
$ ansible multi -m copy -a "src=/etc/hosts dest=/tmp/hosts"
src包含斜杠的话,只有目录内容复制,没有的话,目录和内容一起复制
copy模块适合单文件,小目录
内部有很深的嵌套目录的话 适合
you should consider either copying then expanding an archive of the files with Ansible’s unarchive module, or using Ansible’s synchronize module.
Retrieve a file from the servers
$ ansible multi -s -m fetch -a "src=/etc/hosts dest=/tmp"
Create directories and files
$ ansible multi -m file -a "dest=/tmp/test mode=644 state=directory"
Delete directories and files
$ ansible multi -m file -a "dest=/tmp/test state=absent"
Manage cron jobs
$ ansible multi -s -m cron -a "name='daily-cron-all-servers' \
hour=4 job='/path/to/daily-script.sh'"
$ ansible multi -s -m cron -a "name='daily-cron-all-servers' state=absent"
其他
$ ansible app -s -m git -a "repo=git://example.com/path/to/repo.git \
dest=/opt/myapp update=yes version=1.2.4"
Ansible’s SSH connection history
加速openssh
升级openssh 最新版
注释掉/etc/sudoer Deaults requiretty
/etc/ansible/ansible.cfg
pipelining=True
重启sshd 服务
测试 提高至少3倍
- name: Install EPLE
command: "wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo"
确保某文件包含某行
- name: Enable upload progress via APC.
75 lineinfile:
76 dest: "/etc/php5/apache2/conf.d/20-apcu.ini"
77 regexp: "^apc.rfc1867"
78 line: "apc.rfc1867 = 1"
79 state: present
80 notify: restart apache
- name: Check out drush master branch.
95 git:
96 repo: https://github.com/drush-ops/drush.git
97 dest: /opt/drus
- name: Download Solr.
21 get_url:
22 url: http://apache.osuosl.org/lucene/solr/4.9.1/solr-4.9.1.tgz
23 dest: "{{ download_dir }}/solr-4.9.1.tgz"
24 sha256sum: 4a546369a31d34b15bc4b99188984716bf4c0c158c0e337f3c1f98088aec70ee
25 - name: Expand Solr.
26 command: >
27 tar -C /tmp -xvzf {{ download_dir }}/solr-4.9.1.tgz
28 creates={{ download_dir }}/solr-4.9.1/dist/solr-4.9.1.war
环境变量
为远程账户设置变量,添加变量到用户的.bash_profile
注意 只有shell模块可以使用这个变量
- name: Add an environment variable to the remote user's shell.
lineinfile: dest=~/.bash_profile regexp=^ENV_VAR= line=ENV_VAR=value
example:
- name: Add an environment variable to the remote user's shell.
2 lineinfile: dest=~/.bash_profile regexp=^ENV_VAR= line=ENV_VAR=value
3
4 - name: Get the value of the environment variable we just added.
5 shell: 'source ~/.bash_profile && echo $ENV_VAR'
6 register: foo
7
8 - name: Print the value of the environment variable.
9 debug: msg="The variable is {{ foo.stdout }}"
或者
- name: Add a global environment variable.
lineinfile: dest=/etc/environment regexp=^ENV_VAR= line=ENV_VAR=value
sudo: yes
一次性对于task的环境变量
- name: Download a file, using example-proxy as a proxy.
get_url: url=http://www.example.com/file.tar.gz dest=~/Downloads/
environment:
http_proxy: http://example-proxy:80/
或者
vars:
var_proxy:
http_proxy: http://example-proxy:80/
https_proxy: https://example-proxy:443/
[etc...]
tasks:
- name: Download a file, using example-proxy as a proxy.
get_url: url=http://www.example.com/file.tar.gz dest=~/Downloads/
environment: var_proxy
查看远程变量
ansible test -m shell -a 'echo $TEST'